﻿@using WebMatrix.WebData

@* Remove this section if you are using bundling *@
@section Scripts {
    <script src="~/Scripts/jquery.validate.min.js"></script>
    <script src="~/Scripts/jquery.validate.unobtrusive.min.js"></script>
}

@{
    WebSecurity.RequireAuthenticatedUser();

    Layout = "~/_SiteLayout.cshtml";
    Page.Title = "Change Password";

    bool isSuccess = false;
    var currentPassword = Request["currentPassword"];
    var newPassword = Request["newPassword"];
    var confirmPassword = Request["confirmPassword"];

    // Setup validation
    Validation.RequireField("currentPassword", "The current password field is required.");
    Validation.RequireField("newPassword", "The new password field is required.");
    Validation.Add("confirmPassword",
        Validator.Required("The confirm new password field is required."),
        Validator.EqualsTo("newPassword", "The new password and confirmation password do not match."));
    Validation.Add("currentPassword",
        Validator.StringLength(
            maxLength: Int32.MaxValue,
            minLength: 6,
            errorMessage: "Current password must be at least 6 characters"));
    Validation.Add("newPassword",
        Validator.StringLength(
            maxLength: Int32.MaxValue,
            minLength: 6,
            errorMessage: "New password must be at least 6 characters"));

    if (IsPost) {
        if (Validation.IsValid()) {
            if (WebSecurity.ChangePassword(WebSecurity.CurrentUserName, currentPassword, newPassword)) {
                isSuccess = true;
            } else {
                ModelState.AddFormError("An error occurred when attempting to change the password. Please contact the site owner.");
            }
        } else {
            ModelState.AddFormError("Password change was unsuccessful. Please correct the errors and try again.");
        }
    }
}

@if (!OAuthWebSecurity.IsAuthenticatedWithOAuth) {
    <hgroup class="title">
        <h1>@Page.Title.</h1>
        <h2>Use the form below to change your password.</h2>
    </hgroup>

    if (isSuccess) {
        <p class="message-success">
            Your password has been updated!
        </p>
    }

    <form method="post">
        @Html.ValidationSummary(excludeFieldErrors: true)

        <fieldset>
            <legend>Change Password Form</legend>
            <ol>
                <li class="current-password">
                    <label for="currentPassword" @if (!ModelState.IsValidField("currentPassword")) {<text>class="error-label"</text>}>Current password</label>
                    <input type="password" id="currentPassword" name="currentPassword" @Validation.For("currentPassword")/>
                    @Html.ValidationMessage("currentPassword")
                </li>
                <li class="new-password">
                    <label for="newPassword" @if (!ModelState.IsValidField("newPassword")) {<text>class="error-label"</text>}>New password</label>
                    <input type="password" id="newPassword" name="newPassword" @Validation.For("newPassword")/>
                    @Html.ValidationMessage("newPassword")
                </li>
                <li class="confirm-password">
                    <label for="confirmPassword" @if (!ModelState.IsValidField("confirmPassword")) {<text>class="error-label"</text>}>Confirm password</label>
                    <input type="password" id="confirmPassword" name="confirmPassword" @Validation.For("confirmPassword")/>
                    @Html.ValidationMessage("confirmPassword")
                </li>
            </ol>
            <input type="submit" value="Change password" />
            <p>
                Click <a href="~/Account/ForgotPassword" title="Forgot password page">here</a> if you've forgotten your password.
            </p>
        </fieldset>
    </form>
}

<div class="message-info">
    <p>
        To let users of this site log in using their accounts from other sites such as Facebook, Twitter, 
        and Windows Live, you must update this site. For more information 
        read the <a href="http://go.microsoft.com/fwlink/?LinkID=226949">OAuth Guide</a>.
    </p>
</div>
@*<p>
    Click <a href="~/Account/AssociateServiceAccount" title="Associate OAuth Account">here</a> to associate this account with an third party service log in.
</p>
<p>
    Click <a href="~/Account/DisassociateServiceAccount" title="Disassociate OAuth Account">here</a> to disassociate this account from an third party service log in.
</p>*@
